AD Site Setup

J

Josh

All:

I have just setup a new remote site that has one domain
controller. This site has about 20 computers connecting
to the server for basic file and print services. Two
questions:

1. Do I need to setup that server as a bridgehead server?

2. Do I need to make that server a global catalog?

Thanks.
 
H

Herb Martin

Josh said:
All:

I have just setup a new remote site that has one domain
controller. This site has about 20 computers connecting
to the server for basic file and print services. Two
questions:

1. Do I need to setup that server as a bridgehead server?
Click to expand...

No, it's automatic -- unless you turn off that feature and
take over the responsibility.

Just make sure it is IN that site (Sites and Servers).
2. Do I need to make that server a global catalog?
Click to expand...

Yes. Every site should have a GC (or more.)
 
P

ptwilliams

1. Do I need to setup that server as a bridgehead server?

No let the ISTG (Inter-KCC) sort the connection objects and the bridgeheads.
This way you have automatic redundancy, as the ISTG will reconfigure a
bridgehead if one is down.
2. Do I need to make that server a global catalog?
Click to expand...

You don't *need* to do so, but it *is* most recommended. Otherwise NT5.x
clients among other things, by default, will authenticate over the WAN.

In fact, if you have only one domain you should make all of your DCs GCs.


--

Paul Williams
_________________________________________
http://www.msresource.net


Join us in our new forums!
http://forums.msresource.net
_________________________________________


All:

I have just setup a new remote site that has one domain
controller. This site has about 20 computers connecting
to the server for basic file and print services. Two
questions:

1. Do I need to setup that server as a bridgehead server?

2. Do I need to make that server a global catalog?

Thanks.
 
A

Alexander Suhovey

2. Do I need to make that server a global catalog?
Yes. Every site should have a GC (or more.)
Click to expand...

I wouldn't be so sure. Generally, yes, but it depends on AD structure.
Yes/No is a mater of comparing authentication traffic vs. replication
traffic as well as of WAN link reliability/bandwidth. One could even
consider not to have additional DC at all in small branch office with good
WAN connection.

hth,
Al.
 
P

ptwilliams

Obviously it isn't actually necessary, and there are instances whereby you
wont even have a DC, but for site localisation a GC is essential; thus, it
is recommended that every site have at least one. If your sites are
connected via fast, reliable lines then this is not as important. But why
add additional traffic to the WAN if you don't have to?

Mind you, I make every DC a GC... period!

--

Paul Williams
_________________________________________
http://www.msresource.net


Join us in our new forums!
http://forums.msresource.net
_________________________________________


Alexander Suhovey said:
Yes. Every site should have a GC (or more.)
Click to expand...

I wouldn't be so sure. Generally, yes, but it depends on AD structure.
Yes/No is a mater of comparing authentication traffic vs. replication
traffic as well as of WAN link reliability/bandwidth. One could even
consider not to have additional DC at all in small branch office with good
WAN connection.

hth,
Al.
 
A

Alexander Suhovey

But why add additional traffic to the WAN if you don't have to?
I wonder if you follow because that was exactly my point.
Another point could be that TCO of additional DC can exeed expences of added
authorization traffic.

I don't say you don't need GC/DC in branch office. I say you may not need it
or may profit from not have it vs have it. Depends on your setup.


Al.
 
H

Herb Martin

Alexander Suhovey said:
I wouldn't be so sure. Generally, yes, but it depends on AD structure.
Yes/No is a mater of comparing authentication traffic vs. replication
traffic as well as of WAN link reliability/bandwidth. One could even
consider not to have additional DC at all in small branch office with good
WAN connection.
Click to expand...

If you have no DC, then in some since it is not a "site";
technically you can make it a site without a DC but since
site's are largely about replication and authentication without
a DC there is almost no (technical) reason. **

**Technically you might make a site for directing DFS
traffic but I know of no other services that respects sites.

When we say "every site should have a GC" we are talking
about normal sites that have a DC. If there's a DC there,
then there should be a DC.

In Win2003 we can use "Universal group cachine" to eliminate
(some of) the need for a GC in every site, but this is only a
help for the largest forests with the smallest or most poorly
connected (small) sites.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

bridgehead server for two sites with two domains. 3
Single domain AD with many separated offices 9
Global Catalog 8
preferred bridgehead server 1
Sign in issues 2
Global Catalog Setup 0
Sites and Services questions. 12
AD Sites and Services 2

Top